<?php

/* 
 * Copyright (C) 2007 Revodes <http://www.revodes.com/>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

class Session {
	private $core;
	
	function Session($core) {
		session_start();
	}
	
	function destroy() {
		session_destroy();
		unset($_SESSION);
		
		if (session_is_registered($_SESSION["userid"]))
			return 0;
		return 1;
	}
	
	function logUserin($username, $password) {
		global $core;
		$username = $core->strip($username);
		$password = $core->strip($password);
		
		if ($core->database->confirmUser($username, $password)) {
			// Register SESSION Variables
			$_SESSION['username'] = $username;
			$_SESSION['password'] = $password;

			$login_ip = $_SERVER['REMOTE_ADDR'];
			$login_timestamp = time();
			
			$query = $core->database->sql_query("SELECT `userid`,`userlevel` FROM `users` WHERE `username`='$username' LIMIT 1;");
			
			$rows = mysql_fetch_assoc($query);
			
			$_SESSION['userid'] = $rows['userid'];
			$_SESSION['userlevel'] = $rows['userlevel'];

			$core->database->sql_query("UPDATE `users` SET login_ip='$login_ip', login_timestamp='$login_timestamp' 
			WHERE username='$username'");

			return 1;
		} else {
			return 0;
		}
	}
	
	function isLoggedin() {
		global $core;
		
		if (!isset($_SESSION['username']))
			$username = null;
		else
			$username = $_SESSION['username'];
		
		if (!isset($_SESSION['password']))
			$password = null;
		else
			$password = $_SESSION['password'];
		
		if ($core->database->checkLogin($username, $password)) {
			return 1;
		} else {
			return 0;
		}
	}
}

?>